Problem

PR #1548 implemented SEP-985 fallback discovery but is missing a critical security requirement from RFC 9728 Section 3.3.

RFC 9728 Section 3.3 requires: The resource field in protected resource metadata responses MUST be validated to match the expected resource identifier. If values don't match, the metadata MUST be rejected.

This validation prevents impersonation attacks where a malicious server returns metadata claiming to describe a legitimate resource but containing attacker-controlled authorization servers.

What's Needed

Client must validate:

1. Same origin validation: Resource field must have same scheme, host, and port as the server
2. Path validation for path-based discovery: When using /.well-known/oauth-protected-resource/{path}, the resource field must match or be a valid parent of the expected path
3. Fallback on mismatch: Reject invalid metadata and try the next discovery URL in the fallback chain

Related

• SEP-985: SEP-985: Align OAuth 2.0 Protected Resource Metadata with RFC 9728 modelcontextprotocol#985
• RFC 9728 Section 3.3: https://datatracker.ietf.org/doc/html/rfc9728#section-3.3
• PR Implement SEP-985: OAuth Protected Resource Metadata discovery fallback #1548